def password_email(user): """ For resetting a user's password. """ from r2.lib.pages import PasswordReset user_reset_ratelimit = SimpleRateLimit( name="email_reset_count_%s" % user._id36, seconds=int(datetime.timedelta(hours=12).total_seconds()), limit=3, ) if not user_reset_ratelimit.record_and_check(): return False global_reset_ratelimit = SimpleRateLimit( name="email_reset_count_global", seconds=int(datetime.timedelta(hours=1).total_seconds()), limit=1000, ) if not global_reset_ratelimit.record_and_check(): raise ValueError("password reset ratelimit exceeded") token = PasswordResetToken._new(user) base = g.https_endpoint or g.origin passlink = base + '/resetpassword/' + token._id g.log.info("Generated password reset link: " + passlink) _system_email(user.email, PasswordReset(user=user, passlink=passlink).render(style='email'), Email.Kind.RESET_PASSWORD, user=user, ) return True
def password_email(user): """ For resetting a user's password. """ from r2.lib.pages import PasswordReset user_reset_ratelimit = SimpleRateLimit( name="email_reset_count_%s" % user._id36, seconds=int(datetime.timedelta(hours=12).total_seconds()), limit=3, ) if not user_reset_ratelimit.record_and_check(): return False global_reset_ratelimit = SimpleRateLimit( name="email_reset_count_global", seconds=int(datetime.timedelta(hours=1).total_seconds()), limit=1000, ) if not global_reset_ratelimit.record_and_check(): raise ValueError("password reset ratelimit exceeded") token = PasswordResetToken._new(user) base = g.https_endpoint or g.origin passlink = base + '/resetpassword/' + token._id g.log.info("Generated password reset link: " + passlink) _system_email( user.email, PasswordReset(user=user, passlink=passlink).render(style='email'), Email.Kind.RESET_PASSWORD, user=user, ) return True
def POST_mute_participant(self, conversation): if conversation.is_internal or conversation.is_auto: return self.send_error(400, errors.CANT_RESTRICT_MODERATOR) sr = Subreddit._by_fullname(conversation.owner_fullname) try: participant = conversation.get_participant_account() except NotFound: return self.send_error(404, errors.USER_DOESNT_EXIST) if not sr.can_mute(c.user, participant): return self.send_error(400, errors.CANT_RESTRICT_MODERATOR) if not c.user_is_admin: if not sr.is_moderator_with_perms(c.user, 'access', 'mail'): return self.send_error(403, errors.INVALID_MOD_PERMISSIONS) if sr.use_quotas: sr_ratelimit = SimpleRateLimit( name="sr_muted_%s" % sr._id36, seconds=g.sr_quota_time, limit=g.sr_muted_quota, ) if not sr_ratelimit.record_and_check(): return self.send_error(403, errors.SUBREDDIT_RATELIMIT) # Add the mute record but only if successful create the # appropriate notifications, this prevents duplicate # notifications from being sent added = sr.add_muted(participant) if not added: return simplejson.dumps( self._convo_to_serializable(conversation, all_messages=True)) MutedAccountsBySubreddit.mute(sr, participant, c.user) permalink = conversation.make_permalink() # Create the appropriate objects to be displayed on the # mute moderation log, use the permalink to the new modmail # system ModAction.create(sr, c.user, 'muteuser', target=participant, description=permalink) sr.add_rel_note('muted', participant, permalink) # Add the muted mod action to the conversation conversation.add_action(c.user, 'muted', commit=True) result = self._get_updated_convo(conversation.id, c.user) result['user'] = self._get_modmail_userinfo(conversation, sr=sr) return simplejson.dumps(result)